CVSS: 9.8EPSS: 3%CPEs: 3EXPL: 0CVE-2013-6632 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-6632
16 Nov 2013 — Integer overflow in Google Chrome before 31.0.1650.57 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013. Desbordamiento de enteros Google Chrome anterior a 31.0.1650.57 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, como se demostró durante una competición Pwn2Own... • http://googlechromereleases.blogspot.com/2013/11/chrome-for-android-update.html • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6802 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-6802
16 Nov 2013 — Google Chrome before 31.0.1650.57 allows remote attackers to bypass intended sandbox restrictions by leveraging access to a renderer process, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013, a different vulnerability than CVE-2013-6632. Google Chrome 31.0 anterior a.1650.57 antes permite a atacantes remotos evitar las restricciones de sandbox aprovechando el acceso a un proceso de render, como se demostró durante una competición Pwn2Own Mobile en PacSec 2013, una vulnerabilidad diferente ... • http://googlechromereleases.blogspot.com/2013/11/chrome-for-android-update.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 1%CPEs: 44EXPL: 0CVE-2013-6631
https://notcve.org/view.php?id=CVE-2013-6631
15 Nov 2013 — Use-after-free vulnerability in the Channel::SendRTCPPacket function in voice_engine/channel.cc in libjingle in WebRTC, as used in Google Chrome before 31.0.1650.48 and other products, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors that trigger the absence of certain statistics initialization, leading to the skipping of a required DeRegisterExternalTransport call. Vulnerabilidad de uso después de liberación en la función Ch... • http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html •
CVSS: 10.0EPSS: 1%CPEs: 44EXPL: 0CVE-2013-2931 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2931
13 Nov 2013 — Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.48 allow attackers to execute arbitrary code or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anteriores a 31.0.1650.48 permiten a atacantes ejecutar código arbitrario o posiblemente tener otro impacto a través de vectores desconocidos. Multiple vulnerabilities have been reported in Chromium and V8, worst of which may allow execution of arbitrary code. Versions less than 33.0... • http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html •
CVSS: 9.8EPSS: 2%CPEs: 44EXPL: 0CVE-2013-6625 – Apple Security Advisory 2014-04-01-1
https://notcve.org/view.php?id=CVE-2013-6625
13 Nov 2013 — Use-after-free vulnerability in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of DOM range objects in circumstances that require child node removal after a (1) mutation or (2) blur event. Uso después de liberación en core/dom/ContainerNode.cppde Blink, tal como se usa en Google Chrome anterior a la versión 31.0.1650.48, permite a atacantes remoto... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 3%CPEs: 44EXPL: 2CVE-2013-6627 – Google Chrome < 31.0.1650.48 - HTTP 1xx base::StringTokenizerT<...>::QuickGetNext Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2013-6627
13 Nov 2013 — net/http/http_stream_parser.cc in Google Chrome before 31.0.1650.48 does not properly process HTTP Informational (aka 1xx) status codes, which allows remote web servers to cause a denial of service (out-of-bounds read) via a crafted response. net/http/http_stream_parser.cc en Google Chrome anterior a la versión 31.0.1650.48 no procesa adecuadamente códigos de estado HTTP Informational (también conocido como 1xx), lo que permite en servidores web remotos provocar una denegación de servicio (lectura fuera de ... • https://packetstorm.news/files/id/140209 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 0%CPEs: 44EXPL: 0CVE-2013-6628 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-6628
13 Nov 2013 — net/socket/ssl_client_socket_nss.cc in the TLS implementation in Google Chrome before 31.0.1650.48 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which might allow remote web servers to interfere with trust relationships by renegotiating a session. net/socket/ssl_client_socket_nss.cc en la implementación TLS de Google Chrome anterior a la versión 31.0.1650.48 no asegura que el certificado del servidor es el mismo durante la renegociación co... • http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html •
CVSS: 6.5EPSS: 0%CPEs: 44EXPL: 0CVE-2013-6626 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-6626
13 Nov 2013 — The WebContentsImpl::AttachInterstitialPage function in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 31.0.1650.48 does not cancel JavaScript dialogs upon generating an interstitial warning, which allows remote attackers to spoof the address bar via a crafted web site. La función WebContentsImpl::AttachInterstitialPage de content/browser/web_contents/web_contents_impl.cc en Google Chrome anterior a la versión 31.0.1650.48 no cancela diálogos JavaScript en la generación de una adv... • http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html •
CVSS: 9.8EPSS: 2%CPEs: 49EXPL: 1CVE-2013-6621 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-6621
13 Nov 2013 — Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the x-webkit-speech attribute in a text INPUT element. Vulnerabilidad de uso después de liberación en Google Chrome anterior a la versión 31.0.1650.48 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto sin especificar a través de vectores relacionados con el atributo x-webkit-spee... • http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 2%CPEs: 44EXPL: 0CVE-2013-6622 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-6622
13 Nov 2013 — Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTMLMediaElement.cpp in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the movement of a media element between documents. Vulnerabilidad de uso después de liberación en la función HTMLMediaElement::didMoveToNewDocument de core/html/HTMLMediaElement.cpp en Blink, tal como se usa en Google Chr... • http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html • CWE-399: Resource Management Errors •